Microsoft has released a Security Rollup Package (SRP) for
Windows NT Server 4.0, Terminal Server Edition, that includes the functionality
from the
Post-Windows
NT 4.0 SP6a Security Rollup Package
(http://support.microsoft.com/default.aspx?scid=kb;en-us;299444)
and the security patches that
are described in the "More Information" section in this article. This small,
comprehensive rollup of post-Service Pack 6 (SP6) fixes provides an easier
mechanism for managing the rollout of security fixes.

The SRP includes only security updates for Windows NT 4.0. It does not include
patches for any other products or operating systems. Microsoft Internet
Information Server (IIS) is not intended for use on Windows NT Server 4.0,
Terminal Server Edition, and is not supported. Microsoft recommends that
customers who run IIS 4.0 on Windows NT Server 4.0, Terminal Server Edition,
protect their systems by removing IIS 4.0.

For additional
information about how to download Microsoft Support files, click the following
article number to view the article in the Microsoft Knowledge Base:

119591
(http://support.microsoft.com/kb/119591/EN-US/
)
How to Obtain Microsoft Support Files from Online Services

Microsoft scanned this file for viruses. Microsoft used the most
current virus-detection software that was available on the date that the file
was posted. The file is stored on security-enhanced servers that help to
prevent any unauthorized changes to the file.

Fixes that are included in the SRP

The SRP includes the following post-SP6 fixes that have been
delivered by
Microsoft
Security Bulletins
(http://technet.microsoft.com/en-us/library/cc767874.aspx)
. The SRP also includes some fixes that have not
been previously described. Because security bulletins are disruptive to
customer's maintenance procedures, Microsoft often issues them only when a
security issue poses an immediate danger to customer's computers. Issues that
do not meet this standard are typically addressed through other delivery
vehicles such as service packs or, in this case, the SRP.

303628
(http://support.microsoft.com/kb/303628/EN-US/
)
Relative Path Issue Can Allow Program to Be Run Under the System Context

FrontPage Server Extensions

FrontPage Server Extensions are included as part of the Windows
NT 4.0 Option Pack. This pack is not supported on Windows NT Server 4.0, Terminal
Server Edition. Patches for FrontPage Server Extensions have been provided as
part of the SRP only for customers who have installed the Option Pack to
protect their computers during the migration to a supported operating system.

NOTE: Index Server 2.0 is part of the Windows NT 4.0 Option Pack which
is not supported on Windows NT Server 4.0, Terminal Server Edition. Patches for
Index Server 2.0 have been provided as part of the SRP only for customers who
have installed the Option Pack to protect their computers during the migration
to a supported operating system.

NOTE: Internet Information Server 4.0 is part of the Windows NT 4.0
Option Pack which is not supported on Windows NT Server 4.0, Terminal Server
Edition. Patches for IIS 4.0 have been provided as part of the SRP only for
customers who have installed the Option Pack to protect their computers during
the migration to a supported operating system.

313829
(http://support.microsoft.com/kb/313829/EN-US/
)
Unchecked Buffer in Windows Shell Could Lead to Code Running

314147
(http://support.microsoft.com/kb/314147/EN-US/
)
MS02-006: An Unchecked Buffer in the SNMP Service May Allow Code to Run

318202
(http://support.microsoft.com/kb/318202/EN-US/
)
MS02-008: XMLHTTP Control in MSXML 2.0 Can Allow Access to Local Files

The Windows NT Server 4.0, Terminal Server Edition
SRP does not include the patch delivered in the following post-SP6 security
bulletin, because it should only be applied if WebDAV has been installed on the
server.

296441
(http://support.microsoft.com/kb/296441/EN-US/
)
MS01-022: WebDAV Service Provider Can Allow Scripts to Levy Requests as a User

The Windows NT Server 4.0, Terminal Server Edition
SRP does not include the tools that are provided as part of the following
bulletins. These tools should be downloaded and run separately.